https://community.qlik.com/t5/Integration-Extension-APIs/Embedding-Sense-client-in-iframe-yields-authentication-problem/m-p/2420625#M19940 <P><SPAN class="message-body-wrapper"><SPAN class="message-flex-body"><SPAN class="message-body devtools-monospace"><SPAN class="objectBox objectBox-string">Trying to embed a Sense app into an iframe in a web app, but getting issues from Microsoft Azure AD (which is the IDP for the Qlik Cloud tenant). It seems that when the frame gets redirected to Azure for authentication, that in turn disallows embed, and so it fails to render.</SPAN></SPAN></SPAN></SPAN></P> <P><SPAN class="message-body-wrapper"><SPAN class="message-flex-body"><SPAN class="message-body devtools-monospace"><SPAN class="objectBox objectBox-string">"The loading of “<A class="url" title="https://login.microsoftonline.com/34343572-9156-4f33-bf0e-d5c10f1d8165/oauth2/v2.0/authorize?client_id=070a28a1-15fc-4dff-a964-609be0220d51&amp;scope=openid%20profile%20email&amp;response_type=code&amp;redirect_uri=https%3A%2F%2Fxh6tp5ddg8ao1nj.eu.qlikcloud.com%2Flogin%2Fcallback&amp;state=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdHIiOjEsInN0aWQiOiIydGdPR1ZyRV8zS1pjNy1wdklHTDVqXzk3VGJRX2ZsdmpxV2FlWC1kYVlrIiwiaWF0IjoxNzA4MzM1MDA3LCJleHAiOjE3MDg5Mzk4MDd9.5Ut3L2wMmXVHe_3Jlg5_4io7YCt5Oz06tlW-ZN-E7aQ&amp;nonce=s_OKm7VjPUdpynDbkoWmyu9UA2K22x501fBm5d3aLlg&amp;code_challenge=efGNemTqe7NRts4Wjuns4zpxvqqdXFy1mh2zIxMLb1o&amp;code_challenge_method=S256" draggable="false" href="https://login.microsoftonline.com/34343572-9156-4f33-bf0e-d5c10f1d8165/oauth2/v2.0/authorize?client_id=070a28a1-15fc-4dff-a964-609be0220d51&amp;scope=openid%20profile%20email&amp;response_type=code&amp;redirect_uri=https%3A%2F%2Fxh6tp5ddg8ao1nj.eu.qlikcloud.com%2Flogin%2Fcallback&amp;state=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdHIiOjEsInN0aWQiOiIydGdPR1ZyRV8zS1pjNy1wdklHTDVqXzk3VGJRX2ZsdmpxV2FlWC1kYVlrIiwiaWF0IjoxNzA4MzM1MDA3LCJleHAiOjE3MDg5Mzk4MDd9.5Ut3L2wMmXVHe_3Jlg5_4io7YCt5Oz06tlW-ZN-E7aQ&amp;nonce=s_OKm7VjPUdpynDbkoWmyu9UA2K22x501fBm5d3aLlg&amp;code_challenge=efGNemTqe7NRts4Wjuns4zpxvqqdXFy1mh2zIxMLb1o&amp;code_challenge_method=S256" target="_blank" rel="noopener noreferrer">https://login.microsoftonline.com/REDACTED</A>” in a frame is denied by “X-Frame-Options“ directive set to “deny“."</SPAN></SPAN></SPAN></SPAN></P> <P><SPAN class="message-body-wrapper"><SPAN class="message-flex-body"><SPAN class="message-body devtools-monospace"><SPAN class="objectBox objectBox-string">Can we pre-auth the browser somehow with javascript to not have this redirect happen? </SPAN></SPAN></SPAN></SPAN></P> Mon, 19 Feb 2024 09:47:47 GMT StefanBackstrand 2024-02-19T09:47:47Z https://community.qlik.com/t5/Integration-Extension-APIs/Embedding-Sense-client-in-iframe-yields-authentication-problem/m-p/2420625#M19940 <P><SPAN class="message-body-wrapper"><SPAN class="message-flex-body"><SPAN class="message-body devtools-monospace"><SPAN class="objectBox objectBox-string">Trying to embed a Sense app into an iframe in a web app, but getting issues from Microsoft Azure AD (which is the IDP for the Qlik Cloud tenant). It seems that when the frame gets redirected to Azure for authentication, that in turn disallows embed, and so it fails to render.</SPAN></SPAN></SPAN></SPAN></P> <P><SPAN class="message-body-wrapper"><SPAN class="message-flex-body"><SPAN class="message-body devtools-monospace"><SPAN class="objectBox objectBox-string">"The loading of “<A class="url" title="https://login.microsoftonline.com/34343572-9156-4f33-bf0e-d5c10f1d8165/oauth2/v2.0/authorize?client_id=070a28a1-15fc-4dff-a964-609be0220d51&amp;scope=openid%20profile%20email&amp;response_type=code&amp;redirect_uri=https%3A%2F%2Fxh6tp5ddg8ao1nj.eu.qlikcloud.com%2Flogin%2Fcallback&amp;state=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdHIiOjEsInN0aWQiOiIydGdPR1ZyRV8zS1pjNy1wdklHTDVqXzk3VGJRX2ZsdmpxV2FlWC1kYVlrIiwiaWF0IjoxNzA4MzM1MDA3LCJleHAiOjE3MDg5Mzk4MDd9.5Ut3L2wMmXVHe_3Jlg5_4io7YCt5Oz06tlW-ZN-E7aQ&amp;nonce=s_OKm7VjPUdpynDbkoWmyu9UA2K22x501fBm5d3aLlg&amp;code_challenge=efGNemTqe7NRts4Wjuns4zpxvqqdXFy1mh2zIxMLb1o&amp;code_challenge_method=S256" draggable="false" href="https://login.microsoftonline.com/34343572-9156-4f33-bf0e-d5c10f1d8165/oauth2/v2.0/authorize?client_id=070a28a1-15fc-4dff-a964-609be0220d51&amp;scope=openid%20profile%20email&amp;response_type=code&amp;redirect_uri=https%3A%2F%2Fxh6tp5ddg8ao1nj.eu.qlikcloud.com%2Flogin%2Fcallback&amp;state=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdHIiOjEsInN0aWQiOiIydGdPR1ZyRV8zS1pjNy1wdklHTDVqXzk3VGJRX2ZsdmpxV2FlWC1kYVlrIiwiaWF0IjoxNzA4MzM1MDA3LCJleHAiOjE3MDg5Mzk4MDd9.5Ut3L2wMmXVHe_3Jlg5_4io7YCt5Oz06tlW-ZN-E7aQ&amp;nonce=s_OKm7VjPUdpynDbkoWmyu9UA2K22x501fBm5d3aLlg&amp;code_challenge=efGNemTqe7NRts4Wjuns4zpxvqqdXFy1mh2zIxMLb1o&amp;code_challenge_method=S256" target="_blank" rel="noopener noreferrer">https://login.microsoftonline.com/REDACTED</A>” in a frame is denied by “X-Frame-Options“ directive set to “deny“."</SPAN></SPAN></SPAN></SPAN></P> <P><SPAN class="message-body-wrapper"><SPAN class="message-flex-body"><SPAN class="message-body devtools-monospace"><SPAN class="objectBox objectBox-string">Can we pre-auth the browser somehow with javascript to not have this redirect happen? </SPAN></SPAN></SPAN></SPAN></P> Mon, 19 Feb 2024 09:47:47 GMT https://community.qlik.com/t5/Integration-Extension-APIs/Embedding-Sense-client-in-iframe-yields-authentication-problem/m-p/2420625#M19940 StefanBackstrand 2024-02-19T09:47:47Z https://community.qlik.com/t5/Integration-Extension-APIs/Embedding-Sense-client-in-iframe-yields-authentication-problem/m-p/2421323#M19960 <P><a href="https://community.qlik.com/t5/user/viewprofilepage/user-id/14150">@StefanBackstrand</a>&nbsp;- absolutely!</P> <P>Here's a <A href="https://qlik.dev/embed/qlik-embed/" target="_blank" rel="noopener">forward looking framework</A>, and here are some<A href="https://qlik.dev/embed/iframe/" target="_blank" rel="noopener"> iFrame specific examples</A>.</P> Tue, 20 Feb 2024 15:53:50 GMT https://community.qlik.com/t5/Integration-Extension-APIs/Embedding-Sense-client-in-iframe-yields-authentication-problem/m-p/2421323#M19960 jprdonnelly 2024-02-20T15:53:50Z